26
9月

Tittle: 2017.9.28

0 作者:admin

Netgear ReadyNAS Surveillance Unauthenticated Remote Command Execution

Broadcom: Denial of service and OOB read in TCP KeepAlive Offloading

FIN7 Group Uses JavaScript and Stealer DLL Variant in New Attacks

Elaborate scripting-fu used in espionage attack against Saudi Arabia Government entity

the analysis about a CryptoWorm based on XMRig, an open sourced Monero miner.

新型 Android 银行木马“MoqHao”利用社交网络隐藏 C&C 服务器

McAfee Labs Threat Report 2017:the key reason for the popularity of script-based malware

How one hacker stole thousands of dollars worth of cryptocurrency with a classic code injection hack on EtherDelta and what you can learn from it

CLRGuard - Let's Kick the Door Down. Part One

Malware Detection Approach for Android systems Using System Call Logs

The Book of the Runtime - The internals of the .NET Runtime that you won't find in the documentation

the ultimate 100+ page crypto hardening guide for sysadmins

Fibaro Smart home: remote command execution (RCE)

Overview about existing tools that can be useful for AWS auditing purposes.

bugbounty-cheatsheet:A list of interesting payloads, tips and tricks for bug bounty hunters.

tools detect.location:a proof of concept to highlight a privacy loophole that can be abused by iOS apps to access the user's iOS location data without actually having access

tools VIKIROOT:CVE-2016-5195 (Dirty COW) PoC for Android 6.0.1 Marshmallow

tools ipaspect:simple IPA inspect tool

tools Awesome-MitM:Curated List of MitM frameworks on GitHub

tools dumpsniffer:tools for analyzing strings from password lists

tools DirectedGraphsWV:Directed Graph Editor and Library, also xbox 360 XEX decompiler 3

tools BlobRunner is a simple tool to quickly debug shellcode extracted during malware analysis.

tools Osprey是一个可扩展的开源漏洞检测与利用框架(Python3开发),可供使用者在渗透测试、漏洞检测、漏洞扫描等场景中应用。框架提供了命令行接口和Web接口,可供灵活调用,也可用于构建自己的扫描器。


评论


当前没有评论,快来评论吧!





来说点什么吧